At Deloitte, our professional development plan focuses on helping people at every level of their career to identify and use their strengths to do their best work every day. From entry-level employees to senior leaders, we believe there’s always room to learn
Tier 1 Federal Security Operations Center Analyst
The Security Operations Center (SOC) Tier 1 Analyst must be willing to work in a 24x7x365 Security Operations Center environment, which may include some holidays and flexible scheduling. You will monitor network traffic for security events and perform triage analysis to identify security incidents; respond to computer security incidents by collecting, analyzing and preserving digital evidence; and ensure that incidents are recorded and tracked in accordance with SOC requirements. You will work closely with other teams to assess risk and recommend improvements to our security posture.
Performs network security monitoring and incident response for a large organization.
Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.
Monitors and analyzes Security Information and Event Management (SIEM) alerts and events to identify security issues for remediation.
Knowledge of creating SIEM rules.
Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
Recommends changes to Standard Operating Procedures and similar documentation.
Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.
1-3 years of in-depth experience working in ArcSight and/or Splunk.
Strong background in security incident response, system operations and threat intelligence.
Bachelor’s degree or equivalent experience;
Minimum of 1 year of relevant experience.
Excellent communication skills.
Knowledge of incident response, vulnerability management, security intelligence, automation/scripting, and/or the operation of advanced security tools.
Ability to handle multiple competing priorities in a fast-paced, high-pressure environment.
Ability to work effectively with technical and non-technical business users.
Strong interpersonal skills and prior professional services experience in 24x7 SOC operations are mandatory.